Support Tip: Devices not receiving APP/MAM policies due to missing IP addresses

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

We recently received a customer support case where the App Protection Policy (APP also known as MAM) was not being delivered to the device due to a missing IP address exemption. If your organization uses a firewall or network protection system which targets or restricts reachable IP addresses, we recommend that you update your network configuration to allow network traffic to and from all MAM IP ranges as outlined in Network endpoints for Microsoft Intune, in case you run into the same issue.


For Windows devices, if you use a Defender Firewall profile to configure your IP address settings, below are the steps you can use to update these:

  1. Log in to Microsoft Endpoint Manager
  2. Go to Devices Configuration profiles 
  3. Select the Windows 10 and later with a Profile Type listed as Endpoint protection 
  4. Select Properties and click edit next to Configuration settings 
  5. Click Microsoft Defender Firewall 
  6. Scroll down to Firewall rules and edit the rule to update the IP address settings


For more information about firewall settings, see the following documents:


Let us know if you have any additional questions on this by replying to this post or by tagging @IntuneSuppTeam out on Twitter.

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.